]> git.wincent.com - bansshee.git/log
bansshee.git
12 years agoAdd "contrib" files for RHEL 5.4 master
Wincent Colaiuta [Sun, 1 Nov 2009 10:00:29 +0000 (11:00 +0100)] 
Add "contrib" files for RHEL 5.4

These are basically identical to the files for RHEL 5.3 with one
exception: the regular expressions have been changed to match only
failed password attempts and not "none" or "publickey" attempts.

This is because in practice most SSH clients will first try "none", then
"publickey" before falling back to "password" (see the
"PreferredAuthentications" setting in the ssh_config man page). As such
even for legitimate users who access with a correct password it is
normal to see log entries like these:

  sshd[18294]: Connection from w.x.y.z port 63735
  sshd[18294]: Failed none for example_user from w.x.y.z port 63735 ssh2
  sshd[18294]: Failed publickey for example_user from w.x.y.z port 63735
    ssh2
  sshd[18294]: Accepted password for example_user from w.x.y.z port
    63735 ssh2
  sshd[18294]: User child is on pid 18311
  bansshee[18288]: Failed password attempt for user (example_user) from
    IP w.x.y.z (1 attempt(s) so far)
  bansshee[18288]: Failed password attempt for user (example_user) from
    IP w.x.y.z (2 attempt(s) so far)

As this artificially inflates the failed attempt count for legitimate
IPs, and given that the principal purpose of Bansshee is as a
countermeasure for _dictionary_ brute force attacks (the only type of
bruteforce attack that I have really seen in the wild), the change to
the regular expressions to catch only failed password attempts is
justified.

If non-password brute force attacks start to appear in the wild, we can
always revert this change and slightly raise the number of allowed
attempts to compensate, or modify the Bansshee code to discount failed
"none" and "publickey" attempts provided that they are immediately
followed by a successful "password" attempt.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoBump version number post-release
Wincent Colaiuta [Wed, 24 Jun 2009 10:01:25 +0000 (12:01 +0200)] 
Bump version number post-release

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoAdd VERSION file 1.0.1
Wincent Colaiuta [Wed, 24 Jun 2009 09:59:56 +0000 (11:59 +0200)] 
Add VERSION file

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate HISTORY file for 1.0.1 release
Wincent Colaiuta [Wed, 24 Jun 2009 09:59:32 +0000 (11:59 +0200)] 
Update HISTORY file for 1.0.1 release

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRewrap and reformat FAQ
Wincent Colaiuta [Wed, 24 Jun 2009 09:55:38 +0000 (11:55 +0200)] 
Rewrap and reformat FAQ

Rewrap to 80 columns for better display on narrow terminals and tweak
the formatting for better readability.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoSwitch to BSD license
Wincent Colaiuta [Wed, 24 Jun 2009 09:48:57 +0000 (11:48 +0200)] 
Switch to BSD license

This is the simplified, 2-clause version of the BSD license, as used by
FreeBSD. I prefer a more permissive license because I don't think the
extra protections offered by the GPL are really necessary.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRemove out-of-date NOTES file
Wincent Colaiuta [Wed, 24 Jun 2009 09:46:38 +0000 (11:46 +0200)] 
Remove out-of-date NOTES file

This mostly refers to implementation details and provides examples of
use on a fairly old platform (RHEL ES 3), so just dump it.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoAdd low-level configuration information to README file
Wincent Colaiuta [Wed, 24 Jun 2009 09:40:58 +0000 (11:40 +0200)] 
Add low-level configuration information to README file

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRewrap README to fit within 80 columns
Wincent Colaiuta [Wed, 24 Jun 2009 09:27:32 +0000 (11:27 +0200)] 
Rewrap README to fit within 80 columns

This is the result of running:

  fold -s README > tmp
  mv tmp README

And then trimming unwanted trailing whitespace; from within Vim:

  :%s/ $//g

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate list of distros in contrib
Wincent Colaiuta [Wed, 24 Jun 2009 09:21:53 +0000 (11:21 +0200)] 
Update list of distros in contrib

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agocontrib/RHEL-5.3: add sample configuration file
Wincent Colaiuta [Wed, 24 Jun 2009 09:18:36 +0000 (11:18 +0200)] 
contrib/RHEL-5.3: add sample configuration file

Also update the README to explain the changes in the configuration file.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoPartially revert "Update default settings for RHEL 5.3"
Wincent Colaiuta [Wed, 24 Jun 2009 09:04:54 +0000 (11:04 +0200)] 
Partially revert "Update default settings for RHEL 5.3"

On reflecting about this further I don't think it's a good idea to
change either the defaults in the script nor the example lines in the
config because some users may be depending on those details.

This partially reverts commit 706b12b. I've left in some minor comment
changes and whitespace fixes from the original commit.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agocontrib/RHEL-5.3: update logwatch script to match "Adding JUMP rule..."
Wincent Colaiuta [Wed, 24 Jun 2009 08:59:34 +0000 (10:59 +0200)] 
contrib/RHEL-5.3: update logwatch script to match "Adding JUMP rule..."

Looks like this was always a bug, as Bansshee has always said "Adding
JUMP rule..." rather than "Appending JUMP rule...".

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoAdd README for RHEL 5.3 contrib files
Wincent Colaiuta [Tue, 23 Jun 2009 20:56:47 +0000 (22:56 +0200)] 
Add README for RHEL 5.3 contrib files

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoAdd secure.conf override file for RHEL 5.3
Wincent Colaiuta [Tue, 23 Jun 2009 20:55:48 +0000 (22:55 +0200)] 
Add secure.conf override file for RHEL 5.3

This is needed to override the setting in:

  /usr/share/logwatch/default.conf/services/secure.conf

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate default settings for RHEL 5.3
Wincent Colaiuta [Tue, 23 Jun 2009 20:23:07 +0000 (22:23 +0200)] 
Update default settings for RHEL 5.3

RHEL ES 3 is now very old, so update the default settings to suit RHEL
5.3.

The only substantive change is that the illegal_user_regex variable has
been tweaked (error messages now refer to "invalid user" rather than
"illegal user".

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoAdd contrib files for RHEL 5.3
Wincent Colaiuta [Tue, 23 Jun 2009 20:02:01 +0000 (22:02 +0200)] 
Add contrib files for RHEL 5.3

For the time being these are just copies of the other RHEL-ES3 files
alrady in the repository.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRename the "support" directory to "contrib"
Wincent Colaiuta [Tue, 23 Jun 2009 19:03:06 +0000 (21:03 +0200)] 
Rename the "support" directory to "contrib"

This name should make it clearer that the files contained therein are
not "officially" part of Bansshee itself, but are contributed by users
and distributed as a convenience.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate contact info
Wincent Colaiuta [Mon, 22 Jun 2009 09:46:41 +0000 (11:46 +0200)] 
Update contact info

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate repository info
Wincent Colaiuta [Mon, 22 Jun 2009 09:42:45 +0000 (11:42 +0200)] 
Update repository info

Note that the code is now stored in a Git repository and the old
Subversion repository is made available or historical purposes only.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoUpdate URLs and email addresses
Wincent Colaiuta [Mon, 22 Jun 2009 09:38:22 +0000 (11:38 +0200)] 
Update URLs and email addresses

Update donations URL and email, and remove old site address.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRewrap INSTALL file to fit within 80 columns
Wincent Colaiuta [Mon, 22 Jun 2009 09:36:33 +0000 (11:36 +0200)] 
Rewrap INSTALL file to fit within 80 columns

For better display on narrow terminals.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoClean-up headers
Wincent Colaiuta [Mon, 22 Jun 2009 09:30:34 +0000 (11:30 +0200)] 
Clean-up headers

Remove legacy "Id" tags, trim unnecessary lines, and update copyright
year ranges.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRemove unused TODO file
Wincent Colaiuta [Mon, 22 Jun 2009 09:26:45 +0000 (11:26 +0200)] 
Remove unused TODO file

This is only a pointer to http://bugs.wincent.com/ in any case.

Signed-off-by: Wincent Colaiuta <win@wincent.com>
13 years agoRemove legacy Id tag
Wincent Colaiuta [Wed, 13 May 2009 22:15:25 +0000 (00:15 +0200)] 
Remove legacy Id tag

Signed-off-by: Wincent Colaiuta <win@wincent.com>
15 years agoAdded Ubunutu Dapper support files
Wincent Colaiuta [Thu, 7 Dec 2006 14:54:00 +0000 (14:54 +0000)] 
Added Ubunutu Dapper support files

15 years agoGeneral cleanup (documentation fixes, wrapping, Makefile) for release 1.0-RELEASE
Wincent Colaiuta [Mon, 16 Oct 2006 14:29:39 +0000 (14:29 +0000)] 
General cleanup (documentation fixes, wrapping, Makefile) for release

15 years agoInitial import
Wincent Colaiuta [Mon, 16 Oct 2006 14:11:55 +0000 (14:11 +0000)] 
Initial import